• Wireless   :  in English means \wireless\.
• Wireless : in English means \wireless\.

• WiFi : the name WiFi (contraction of) Wireless Fidelity) initially is the name given to the certification issued by the WiFi Alliance 2 formerly WECA (Wireless Ethernet Compatibility Alliance)the body responsible for maintaining interoperability between devices to the 802.11 standard. By abuse of language (and for marketing reasons) the name of the standard today merges with the name of the certification. Thus a network WiFi is actually a network to the 802.11 standard.


• Hot Spot : public area covered by a wireless network.
• WA : as Wireless adapt. Understand : wireless network interface.
• AP : Access Point Access point in \infrastructure\ mode.
• BSS : Basic Service Set set of basic services. Trained together to a point of access and the stations that are connected. Also called 'Cell'.
• BSSID : identifier of a BSS. Absolutely fundamental, it's actually the MAC address of the access point.
• ESS : in a network of type 'infrastructure', it will often be only one AP is not sufficient to ensure the desired coverage. In this case, it will add other points of access, taking care that they can work well. If we do, we will have then created a ESS : Extended Service Setwhich is really just a continuum of BSS. This set, by extension, may relate to a single access point.
- ESSID : ID of theESS. It is a name that the administrator will give the (x) access point (s) who is (or are) theESS. In the particular case where theESS consists of a single BSSWe can also talk of SSID.
• DS : Distribution System Distribution system that is there to connect them several AP so that they constitute a ESS.
• IBSS : Independant BSS same as a BSS, but without AP. In other words, it is a set of stations connected mode ad-hoc. One IBSS must have one SSID unique.
• WEP Wired Equivalent Privacy : encryption of the network (at the level of liaison, i.e. at level 2) that the ambitious goal is to make a network as secure as a wired network wireless. View of the side user, WEP is an encryption key that will be shared among the partners to a same ESS.
• WPA : WiFi Protected Accessas WEP has not really convinced everyone, the WiFi Alliance has decided to standardize a new security system.








Authentication


Absent from the WEP, authentication makes its appearance in WPA. The Protocol provides for two modes of authentication :
a company - that means to install a central server (of type Radius for example) to identify any person wishing to connect a mode and personal.
WPA leverages the 802.1 x family and Protocol EAP (Extensible Authentification Protocol)extension of the Protocol 9PPP(Point to Point Protocol), that can support many mechanisms of authentication such as token cards, one-time passwords and public key authentication using smart cards.
• MIMO : Multiple-Input Multiple-Outputstill called multipath. It is a very complex technology, using multiple antennas to broadcast radio waves.
Practically, the goal is to improve performance by correcting as much as possible interference problems. The announced result is a minimization of the shadow points and an increase in the scope. Exists for 802 .11b and 802.11 g and should be standardized in 802.11n.








network scheme WiFi
network scheme WiFi

The wired network


We have a wired Ethernet, we use of course TCP/IPthe network uses the IP 172.16.0.0/16 range.
A gateway to the Internet is present (Linux machine with) IPtables), there is a server on this network DHCP allows to automatically configure hosts on the network. This works perfectly, and now we want to expand this network with a WiFi access so that mobile stations can simply access this network.
So let's add an AP (Access Point) which will be the DWL-2100AP Terminal.

It is a \simple\ access point, in the sense where there is modem or router built into the casing.
It is typically designed to be connected to an existing wired network
The back side shows the extreme simplicity of this type of equipment. From left to right :
• the antenna,
• the power plug,
• the button reset,
• the RJ45 network jack.

Almost just plug in to make it work. Almost, because, as we shall see, this has a default IP address AP equal to 192.168.0.50.
It's good, but it won't with the addressing plan that we have in the example. Here, simply plug is only the first step, but for now, the Terminal remains unusable.








username and password travels in clear
username and password travels in clear

password WiFi


The Terminal is provided with a utility that should be able to solve this problem :
Once the IP address problem is solved, we can dispense with this utility, the point access shipping a mini web server that allows you to configure.
Any station connected to the network will have access to this web server.
There is still a required identification. By default, the user is called admin and the password is empty.
The first thing to do is to change this :

If your hardware allows, use a name to administrator that out a little of the ordinary and above all, a password that is solid and even, why not a user name not trivial.
AP Manager uses the tftp protocol there is no username and password circulates there also in the clear.

The third solution, it would be telnet, but then again, the login information go clear.
Local network, it is already not terrible on the safe side. On a corporate network, it's tricky.
On the customer side there are used different wireless cards :

• a D-Link DWL-G650 802.11g (PCMCIA)the only of the four to support the WPA system
• a D-Link DWL-650 802.11bthe only we can do work properly under Linux with the drivers Hostap
• a BeWAN PCMCIA 802.11b
• a Marvell 802.11g integrated to the motherboard Asus P5GD2









accessible IP address for administration
accessible IP address for administration

Simple config


We assume that our access point is properly configured local network, with an available IP address for administration side.
Simply configure the Terminal to access point, to assign an SSID, possibly a channel. If we have a DHCP server on the local network, it won't be necessary to set up one that is present on the Terminal. Otherwise, it will be easier for clients to use the DHCP server on the Terminal, then configure.

You take a cell phone equipped with WiFi, do a search for available Wi - Fi networks :
Normally, it is within reach of your terminal, to easily find and tell you the SSID of the network :

It remains to connect :

Anyone can do that. Think a WiFi network there going where he wants.
Here is a small graphical utility, Linux, which does the same thing :

Kismet
Airodump

Anyone within reach of your base station, can connect to your WiFi network and can for example :

• consume your bandwidth
• integrate into the local network and take advantage of shared resources.
• take possession of machines for all sorts of things that can be used, then, from the Internet.
• use the Internet to engage in all kinds of reprehensible activities.






1   2   3